A New Era of Cybercrime: AI-Powered Attacks on Decentralized Finance


Researchers from University College London and the University of Sydney have developed an AI agent system called A1 that can autonomously discover and exploit vulnerabilities in smart contracts, revealing a new era of cybercrime that could have devastating consequences for the decentralized finance (DeFi) industry.

The A1 system uses various AI models from leading technology companies, including OpenAI, Google, DeepSeek, and Alibaba, to develop exploits for Solidity smart contracts. These AI models, such as OpenAI’s o3-pro and o3, Google’s Gemini Pro and Gemini Flash, DeepSeek’s R1, and Alibaba’s Qwen3 MoE, are trained on vast amounts of data and can learn to recognize patterns and relationships in complex systems.

The A1 system leverages these AI models to generate exploits in the form of compilable Solidity contracts, which it tests against historical blockchain states. This approach allows A1 to identify vulnerabilities that may have been missed by traditional security tools, making it a powerful tool for cybercriminals.

The researchers tested A1 on 36 real-world vulnerable contracts on the Ethereum and Binance Smart Chain blockchains, achieving a 62.96% success rate on the VERITE benchmark. Successful exploits extracted up to $8.59 million per case and $9.33 million in total, sums that make the approach a lucrative proposition for cybercriminals.

The use of AI models to generate exploits for cryptocurrency vulnerabilities is a concerning trend in the cybersecurity landscape.

“The AI models we’re using are incredibly powerful,” said Liyi Zhou, a lecturer in computer science at the University of Sydney. “They can learn to recognize patterns and relationships in complex systems, making them increasingly effective at identifying vulnerabilities.”

The researchers warn that the current regulatory climate in the US, with an estimated cybercrime enforcement rate of 0.05%, means that the risk of imprisonment for those using A1 to exploit vulnerabilities is relatively low. This, combined with the 10x asymmetry between the rewards of attacking and defending, makes it difficult for defenders to keep up with the threat.

“We’re not saying that A1 is a malicious tool, but it’s a powerful tool that can be used for malicious purposes,” said Zhou. “We’re concerned about the potential for widespread exploitation of smart contract vulnerabilities, and we think that project teams should use tools like A1 themselves to continuously monitor their own protocol, rather than waiting for third parties to find issues.”

The development of A1 raises important questions about the potential risks and consequences of using AI-powered tools to exploit vulnerabilities in smart contracts. As the DeFi industry continues to grow and evolve, it’s clear that cybersecurity will be a major challenge that must be addressed.

Key AI Models Used in A1:

OpenAI’s o3-pro: A highly advanced language model that can generate human-like text and perform complex tasks.

OpenAI’s o3: A powerful language model that can generate human-like text and perform complex tasks.

Google’s Gemini Pro: A highly advanced language model that can generate human-like text and perform complex tasks.

Google’s Gemini Flash: A powerful language model that can generate human-like text and perform complex tasks.

DeepSeek’s R1: A highly advanced language model that can generate human-like text and perform complex tasks.

Alibaba’s Qwen3 MoE: A powerful language model that can generate human-like text and perform complex tasks.

